Skip to content

Commit 3eab784

Browse files
authored
Merge branch 'main' into remove-SetupMetrics-usage
2 parents c327089 + 193a3c3 commit 3eab784

File tree

183 files changed

+12211
-1552
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

183 files changed

+12211
-1552
lines changed

.buildkite/x-pack/pipeline.xpack.filebeat.yml

Lines changed: 14 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -212,9 +212,13 @@ steps:
212212
env:
213213
ASDF_TERRAFORM_VERSION: "1.9.3"
214214
ASDF_PYTHON_VERSION: "3.9.13" # Not needed by ECH tests, but needed by VM
215-
EC_ENDPOINT: "https://api.staging.elastic-gov.com"
216-
TF_VAR_ech_region: "us-gov-east-1"
217-
TF_VAR_deployment_template_id: "aws-general-purpose"
215+
# We are temporarily using the Production CFT environment instead of the Staging GovCloud
216+
# one. This is being done until issues with creating deployments in Staging GovCloud are
217+
# fixed. Once this happens, uncomment the lines below and delete the gcp-us-west2 line.
218+
# EC_ENDPOINT: "https://api.staging.elastic-gov.com"
219+
# TF_VAR_ech_region: "us-gov-east-1"
220+
# TF_VAR_deployment_template_id: "aws-general-purpose"
221+
TF_VAR_ech_region: "gcp-us-west2"
218222
command: |
219223
.buildkite/scripts/custom_fips_ech_test.sh x-pack/filebeat
220224
retry:
@@ -237,7 +241,12 @@ steps:
237241
branches: "main"
238242
debug: true
239243
- elastic/vault-secrets#v0.1.0:
240-
path: "kv/ci-shared/platform-ingest/platform-ingest-ec-staging-gov"
244+
# We are temporarily using the Production CFT environment API key instead of the
245+
# Staging GovCloud one. This is being done until issues with creating deployments in
246+
# Staging GovCloud are fixed. Once this happens, uncomment the line below and delete
247+
# the vault_ec_key_prod line.
248+
# path: "kv/ci-shared/platform-ingest/platform-ingest-ec-staging-gov"
249+
path: "kv/ci-shared/platform-ingest/platform-ingest-ec-prod"
241250
field: "apiKey"
242251
env_var: "EC_API_KEY"
243252
notify:
@@ -594,4 +603,4 @@ steps:
594603
instanceType: "${AWS_ARM_INSTANCE_TYPE}"
595604
notify:
596605
- github_commit_status:
597-
context: "x-pack/filebeat: Packaging Linux arm64 FIPS"
606+
context: "x-pack/filebeat: Packaging Linux arm64 FIPS"

.buildkite/x-pack/pipeline.xpack.metricbeat.yml

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -249,9 +249,13 @@ steps:
249249
env:
250250
ASDF_TERRAFORM_VERSION: "1.9.3"
251251
ASDF_PYTHON_VERSION: "3.9.13" # Not needed by ECH tests, but needed by VM
252-
EC_ENDPOINT: "https://api.staging.elastic-gov.com"
253-
TF_VAR_ech_region: "us-gov-east-1"
254-
TF_VAR_deployment_template_id: "aws-general-purpose"
252+
# We are temporarily using the Production CFT environment instead of the Staging GovCloud
253+
# one. This is being done until issues with creating deployments in Staging GovCloud are
254+
# fixed. Once this happens, uncomment the lines below and delete the gcp-us-west2 line.
255+
# EC_ENDPOINT: "https://api.staging.elastic-gov.com"
256+
# TF_VAR_ech_region: "us-gov-east-1"
257+
# TF_VAR_deployment_template_id: "aws-general-purpose"
258+
TF_VAR_ech_region: "gcp-us-west2"
255259
command: |
256260
.buildkite/scripts/custom_fips_ech_test.sh x-pack/metricbeat
257261
retry:
@@ -274,7 +278,12 @@ steps:
274278
branches: "main"
275279
debug: true
276280
- elastic/vault-secrets#v0.1.0:
277-
path: "kv/ci-shared/platform-ingest/platform-ingest-ec-staging-gov"
281+
# We are temporarily using the Production CFT environment API key instead of the
282+
# Staging GovCloud one. This is being done until issues with creating deployments in
283+
# Staging GovCloud are fixed. Once this happens, uncomment the line below and delete
284+
# the vault_ec_key_prod line.
285+
# path: "kv/ci-shared/platform-ingest/platform-ingest-ec-staging-gov"
286+
path: "kv/ci-shared/platform-ingest/platform-ingest-ec-prod"
278287
field: "apiKey"
279288
env_var: "EC_API_KEY"
280289
notify:

.github/CODEOWNERS

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,6 @@ CHANGELOG*
7474
/libbeat/processors/translate_sid/ @elastic/sec-windows-platform
7575
/libbeat/reader/etw/ @elastic/sec-windows-platform
7676
/libbeat/reader/syslog/ @elastic/integration-experience
77-
/libbeat/scripts @elastic/observablt-ci @elastic/observablt-ci-contractors
7877
/licenses/ @elastic/elastic-agent-data-plane
7978
/metricbeat/ @elastic/elastic-agent-data-plane
8079
/metricbeat/docs/ # Listed without an owner to avoid maintaining doc ownership for each input and module.

CHANGELOG.next.asciidoc

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -161,6 +161,7 @@ otherwise no tag is added. {issue}42208[42208] {pull}42403[42403]
161161
- Update github.com/go-viper/mapstructure/v2 to v2.4.0 {pull}46335[46335]
162162
- Update github.com/docker/docker to v28.3.3 {pull}46334[46334]
163163
- Make data updates in add_host_metadata processor synchronous {pull}46546[46546]
164+
- Fixed a panic in the Kafka output that could occur when shutting down while final events were being published. {issue}46109[46109] {pull}46446[46446]
164165

165166
*Auditbeat*
166167

@@ -289,6 +290,7 @@ otherwise no tag is added. {issue}42208[42208] {pull}42403[42403]
289290
- In Filestream, setting `clean_inactive: 0` does not re-ingest all files on startup any more. {issue}45601[45601]
290291
+{pull}46373[46373]
291292
- Fix metrics from TCP & UDP inputs when the port number is > 32767 {pull}46486[46486]
293+
- [Journald input] Fix reading all files in a folder and watching for new ones. {issue}46657[46657] {pull}46682[46682]
292294

293295
*Heartbeat*
294296

@@ -380,6 +382,7 @@ otherwise no tag is added. {issue}42208[42208] {pull}42403[42403]
380382
- Add linux capabilities to processes in the system/process. {pull}37453[37453]
381383
- Add process.entity_id, process.group.name and process.group.id in add_process_metadata processor. Make fim module with kprobes backend to always add an appropriately configured add_process_metadata processor to enrich file events {pull}38776[38776]
382384
- Split module/system/process into common and provider bits. {pull}41868[41868]
385+
- Add new ETW FIM backend for Windows. {pull}45887[45887]
383386

384387
*Auditbeat*
385388

@@ -541,6 +544,8 @@ otherwise no tag is added. {issue}42208[42208] {pull}42403[42403]
541544
- Improve CEL input documentation of authentication options. {pull}46253[46253]
542545
- Add status reporting support for Azure Event Hub v2 input. {pull}44846[44846]
543546
- Add documentation for device collection in Entity Analytics Active Directory Filebeat's input. {pull}46363[46363]
547+
- Hints based autodiscover now sets `close.on_state_change.removed: false` in the default configuration to avoid missing the last log lines from a container. {issue}34789[34789] {pull}46695[46695]
548+
- Journald input now supports reading from multiple journals, including remote ones {issue}46656[46656] {pull}46722[46722]
544549

545550
*Auditbeat*
546551

0 commit comments

Comments
 (0)